

Book:   Secure Programming Cookbook for C and C++
Subject:   Packed with useful information
Date:   2007-01-07 21:58:17
From:   mdh
Rating:  5 stars

Some years later, this is still one of the best books I've ever purchased, along with the first revision of the Camel Book, which got me well on my way to competently pumping out decent Perl code. This book really helped me get a footing with regard to writing competent encryption code using OpenSSL. Most common tasks you'll need to perform using SSL are covered, and that's only about 1/3 of the book's content. It also delves rather deeply into lower-level cryptographic development as well as other security solutions for C programmers.
It goes beyond just programming, too. In terms and code examples that a competent C programmer can understand, it makes clear just what the myriad acronyms you'll run into while working with encryption code are, how they function, how they interact to create code that provides a given amount of security and trust, and most importantly how to implement them in a way that your needs are met.


If you are a C programmer, you should read and have this book around. If you write code that deals with user input, authentication, cryptography, or network communications, it's practically a must.


I'm hoping for a second edition some time. Some coverage of code auditing tools might be interesting; that field has developed a lot over the past years since this book was released. OpenSSL has progressed a bunch, too, and some more in-depth specifics (such as web functionality, maybe even coverage of common GUI toolkits like GTK, Qt, etc.) would be just wonderful, as well.
C is far from dead. I've been using C for the past 11 years, and it's still the language I use more than any other.

